CVE 9.3 CRITICAL

LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs_CVE-2025-68664

December 23, 2025 invoker category_cve
9.3 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

Description

LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. The functions do not escape dictionaries with 'lc' keys when serializing free-form dictionaries. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in versions 0.3.81 and 1.2.5.

AI Analysis

Serialization injection vulnerability in LangChain's dumps() and dumpd() functions

Basic Information

ID CVE-2025-68664
Source GitHub_M
Published Dec 23, 2025 at 22:47

Affected Product

Vendor langchain-ai
Product langchain
Version >= 1.0.0, < 1.2.5
Affected Versions langchain-ai langchain >= 1.0.0, < 1.2.5
langchain-ai langchain < 0.3.81

CWE Classification

CWE-502

AI Assessment

AI Score 9.3 / 10
AI Severity Critical
Vendor langchain-ai
Product LangChain
Version < 0.3.81, >= 1.0.0, < 1.2.5

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.